From e2f65e26ef43d149860081eecf78a0acd5a1930c Mon Sep 17 00:00:00 2001 From: David Michaels Date: Tue, 2 Jul 2024 17:47:45 -0400 Subject: [PATCH] fix in access_key_expiration_detection.py for expiration time --- .../checks/access_key_expiration_detection.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/foursight_core/checks/access_key_expiration_detection.py b/foursight_core/checks/access_key_expiration_detection.py index a877aafeb..5fe10375a 100644 --- a/foursight_core/checks/access_key_expiration_detection.py +++ b/foursight_core/checks/access_key_expiration_detection.py @@ -24,9 +24,9 @@ def access_key_status(connection, **kwargs): access_keys = search_metadata(f'/search/?type=AccessKey&description={fs_user_kp}&user.uuid={user_uuid}' f'&sort=-date_created', key=connection.ff_keys) most_recent_key = access_keys[0] # should always be present if deploy has run - # date format: 2022-07-05T01:01:43.498347+00:00 (isoformat) - most_recent_key_creation_date = datetime.fromisoformat(most_recent_key['date_created']) + access_key_id = most_recent_key.get('access_key_id') # Get the expiration_date from the data. + # Date format: 2022-07-05T01:01:43.498347+00:00 (isoformat) expiration_date = datetime.fromisoformat(most_recent_key['expiration_date']) one_week_to_expiration = expiration_date - timedelta(days=7) three_weeks_to_expiration = expiration_date - timedelta(days=21) @@ -35,16 +35,16 @@ def access_key_status(connection, **kwargs): check.status = 'FAIL' check.summary = (f'Application access keys will expire in less than 7 days!' f' Allowing refresh action.' - f' Expiration date: {expiration_date}') + f' Access key ({access_key_id}) expiration date: {expiration_date}') check.brief_output = check.full_output = check.summary # Returning with prevent_action set to False; # allows the check to run automatically. return check elif now > three_weeks_to_expiration: check.status = 'WARN' - check.summary = (f'Application access keys will expire in less than 21 days!' - f' Please run the deployment action soon.' - f' Expiration date: {expiration_date}') + check.summary = (f'Application access keys will expire in less than three weeks.' + f' Deployment or access key refresh action needed soon.' + f' Access key ({access_key_id}) expiration date: {expiration_date}') check.brief_output = check.full_output = check.summary # This prevents the from running automatically after the check; # though the user is still allowed to run it manually in any case. @@ -53,7 +53,7 @@ def access_key_status(connection, **kwargs): else: check.status = 'PASS' check.summary = (f'Application access keys expiration is more than 3 weeks away. All good.' - f' Expiration date: {expiration_date}') + f' Access key ({access_key_id}) expiration date: {expiration_date}') # This prevents the from running automatically after the check; # though the user is still allowed to run it manually in any case. check.prevent_action = True @@ -66,6 +66,7 @@ def refresh_access_keys(connection, **kwargs): action = ActionResult(connection, 'refresh_access_keys') admin_keys = [('4dndcic@gmail.com', 'access_key_admin'), # fourfront admin ('cgap.platform@gmail.com', 'access_key_admin'), # cgap admin + ('snovault.platform@gmail.com ', 'access_key_admin'), # encoded-core/smaht portal admin ('tibanna.app@gmail.com', 'access_key_tibanna'), ('foursight.app@gmail.com', 'access_key_foursight')] s3 = s3_utils.s3Utils(env=connection.ff_env)